diff options
-rw-r--r-- | pom.xml | 14 | ||||
-rw-r--r-- | src/main/bin/start.sh | 23 | ||||
-rw-r--r-- | src/main/docker/Dockerfile | 27 | ||||
-rw-r--r-- | src/main/java/org/onap/aai/sa/Application.java | 36 |
4 files changed, 47 insertions, 53 deletions
@@ -228,6 +228,19 @@ limitations under the License. <artifactId>spring-boot-starter-security</artifactId> </dependency> + <!--Logback classic--> + <dependency> + <groupId>ch.qos.logback</groupId> + <artifactId>logback-classic</artifactId> + <version>1.2.1</version> + </dependency> + + <dependency> + <groupId>ch.qos.logback</groupId> + <artifactId>logback-core</artifactId> + <version>1.2.1</version> + </dependency> + </dependencies> <repositories> @@ -254,6 +267,7 @@ limitations under the License. </repositories> <build> + <finalName>search-data-service-package</finalName> <plugins> <plugin> <groupId>org.springframework.boot</groupId> diff --git a/src/main/bin/start.sh b/src/main/bin/start.sh index 4c812b3..2f14a98 100644 --- a/src/main/bin/start.sh +++ b/src/main/bin/start.sh @@ -1,6 +1,6 @@ #!/bin/sh -BASEDIR="/opt/app/search-data-service/" +BASEDIR="/opt/app/search-data-service" if [ -z "$CONFIG_HOME" ]; then echo "CONFIG_HOME must be set in order to start up process" @@ -11,22 +11,25 @@ if [ -z "$KEY_STORE_PASSWORD" ]; then echo "KEY_STORE_PASSWORD must be set in order to start up process" exit 1 else - echo "server.ssl.key-store-password=$KEY_STORE_PASSWORD" >> $BASEDIR/config/application.properties + ## Extract java jar to DEOBFUSCATE the password. + CURR_D=`pwd` + cd $BASEDIR + jar xf search-data-service-package.jar + sudo java -cp ./BOOT-INF/lib/jetty-util-9.4.8.v20171121.jar org.eclipse.jetty.util.security.Password $KEY_STORE_PASSWORD > pass.txt 2>> pass.txt + PASS=`sed "2q;d" pass.txt` + sudo rm pass.txt + cd $CURR_D fi ## tomcat_keystore to p12 -## keytool -importkeystore -deststorepass onapSecret -destkeypass onapSecret -srckeystore /opt/app/search-data-service/config/auth/tomcat_keystore -destkeystore /opt/app/search-data-service/config/auth/onap.p12 -deststoretype PKCS12 -srcstorepass onapSecret -keytool -importkeystore -noprompt -deststorepass onapSecret -destkeypass onapSecret -srckeystore /opt/app/search-data-service/config/auth/tomcat_keystore -destkeystore /opt/app/search-data-service/config/auth/onap.p12 -deststoretype PKCS12 -srcstorepass onapSecret +keytool -importkeystore -noprompt -deststorepass $PASS -destkeypass $PASS -srckeystore $BASEDIR/config/auth/tomcat_keystore -destkeystore $BASEDIR/config/auth/onap.p12 -deststoretype PKCS12 -srcstorepass $PASS ## import into cacerts -## keytool -importkeystore -deststorepass changeit -destkeypass changeit -destkeystore $JAVA_HOME/jre/lib/security/cacerts -srckeystore /opt/app/search-data-service/config/auth/onap.p12 -srcstoretype PKCS12 -srcstorepass onapSecret -alias tomcat -keytool -importkeystore -noprompt -deststorepass changeit -destkeypass changeit -destkeystore $JAVA_HOME/jre/lib/security/cacerts -srckeystore /opt/app/search-data-service/config/auth/onap.p12 -srcstoretype PKCS12 -srcstorepass onapSecret -alias tomcat - - +sudo keytool -importkeystore -noprompt -deststorepass changeit -destkeypass changeit -destkeystore /$JAVA_HOME/jre/lib/security/cacerts -srckeystore $BASEDIR/config/auth/onap.p12 -srcstoretype PKCS12 -srcstorepass $PASS -alias tomcat PROPS="$PROPS -Dlogback.configurationFile=$BASEDIR/bundleconfig/etc/logback.xml" -#PROPS="$PROPS -Dserver.port=9509" PROPS="$PROPS -DCONFIG_HOME=$CONFIG_HOME" +PROPS="$PROPS -DKEY_STORE_PASSWORD=$KEY_STORE_PASSWORD" JVM_MAX_HEAP=${MAX_HEAP:-1024} -java -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=8000 $PROPS -jar $BASEDIR/search-data-service-1.2.0-SNAPSHOT.jar --spring.config.location=$BASEDIR/config/application.properties +java $PROPS -jar $BASEDIR/search-data-service-package.jar
\ No newline at end of file diff --git a/src/main/docker/Dockerfile b/src/main/docker/Dockerfile index 1b0ce46..1fccaf4 100644 --- a/src/main/docker/Dockerfile +++ b/src/main/docker/Dockerfile @@ -1,18 +1,15 @@ -# FROM ubuntu:14.04 -FROM onap/search-service:0.0.1 +FROM ubuntu:14.04 ARG MICRO_HOME=/opt/app/search-data-service ARG BIN_HOME=$MICRO_HOME/bin -# RUN apt-get update - ## Install and setup java8 -# RUN apt-get update && apt-get install -y software-properties-common +RUN apt-get update && apt-get install -y software-properties-common ## sudo -E is required to preserve the environment. If you remove that line, it will most like freeze at this step -# RUN sudo -E add-apt-repository ppa:openjdk-r/ppa && apt-get update && apt-get install -y openjdk-8-jdk +RUN sudo -E add-apt-repository ppa:openjdk-r/ppa && apt-get update && apt-get install -y openjdk-8-jdk ## Setup JAVA_HOME, this is useful for docker commandline -# ENV JAVA_HOME usr/lib/jvm/java-8-openjdk-amd64 -# RUN export JAVA_HOME +ENV JAVA_HOME usr/lib/jvm/java-8-openjdk-amd64 +RUN export JAVA_HOME # Build up the deployment folder structure RUN mkdir -p $MICRO_HOME @@ -24,16 +21,4 @@ RUN ln -s /logs $MICRO_HOME/logs EXPOSE 9509 9509 -# CMD ["/opt/app/search-data-service/bin/start.sh"] - - -# COPY search-data-service-1.2.0-SNAPSHOT.jar / -## Tomcat keystore will be mapped in via mounted volumes. -##COPY tomcat_keystore / -####COPY onap-cert.crt / -####COPY client-cert-onap.p12 / -#COPY start.sh / -## RUN chmod +x start.sh - -EXPOSE 5443 5443 -EXPOSE 8000 8000 +CMD ["/opt/app/search-data-service/bin/start.sh"] diff --git a/src/main/java/org/onap/aai/sa/Application.java b/src/main/java/org/onap/aai/sa/Application.java index 2ccebd1..69dab1e 100644 --- a/src/main/java/org/onap/aai/sa/Application.java +++ b/src/main/java/org/onap/aai/sa/Application.java @@ -20,34 +20,26 @@ */
package org.onap.aai.sa;
-// import org.eclipse.jetty.util.security.Password;
-
+import org.eclipse.jetty.util.security.Password;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.boot.builder.SpringApplicationBuilder;
+import org.springframework.boot.web.support.SpringBootServletInitializer;
+
+import java.util.HashMap;
@SpringBootApplication
-public class Application {
+public class Application extends SpringBootServletInitializer {
+
-// public static String[] deobfuscateArgs(String[] args, String ... attrnames) {
-//
-// String[] deobfuscatedArgs = args.clone();
-//
-// Password.deobfuscate("HI");
-//
-// //System.setProperty(arg0, arg1)
-//
-// return deobfuscatedArgs;
-// }
-//
public static void main(String[] args) {
-
- //server.ssl.key-store-password=onapSecret
- //server.ssl.key-password=onapSecret
-// args = new String[]{"-Dserver.ssl.key-store-password", "onapSecret",
-// "-Dserver.ssl.key-password", "onapSecret"};
-
- SpringApplication.run(Application.class, args);
- //deobfuscateArgs(args, "server.ssl.key-store-password", "server.ssl.key-password"));
+ String keyStorePassword = System.getProperty("KEY_STORE_PASSWORD");
+ if(keyStorePassword==null || keyStorePassword.isEmpty()){
+ throw new RuntimeException("Env property KEY_STORE_PASSWORD not set");
+ }
+ HashMap<String, Object> props = new HashMap<>();
+ props.put("server.ssl.key-store-password", Password.deobfuscate(keyStorePassword));
+ new Application().configure(new SpringApplicationBuilder (Application.class).properties(props)).run(args);
}
}
|